关键词: 网络行为 协议分析 网络会话 网络监控 有限自动机

Abstract:

With the development and prevalence of networks, the security inside the networks is becoming more and more important. How to monitor and control the  actions of host computers in LANs is the key to solving this question. This paper introduces the framework and functions of distributed network monitori ng system based on the C/S model, and discusses several key technical points such as software architecture, packet decode engine, and so on. Finally thepaper gives the application trend of this system and the test results.

Key words:  （network behavior, protocol analysis, network session, network monitoring, finite state machine）